On 26 Mar 2002, Ramiro Morales writes (as part of a series of ideas):

> tls_cert_file:  /usr/local/lib/ssl/newcert.cer
> tls_key_file:   /usr/local/lib/ssl/key.pem
> 
> with these SSL cert and key files created as
> described in the install-configure.html file?

This one was the solution.  Many thanks!  I feel somewhat silly... I
should have RTFMed... and yet...  in a way, I *did*!  I read the
imapd.conf man page, which supposedly lists all possible options which
can be placed within that file.  I did so more than once.  It does not
include these two, nor anything relating to TLS or SSL.

I did not go through the HTML install docs step by step, because the
install was already done by the RPM.  Red Hat's apache RPMs go so far
as to set it up to create use self-signed SSL certificates
automatically, when the mod_ssl RPM is installed.  This might be a
nice enhancement for future cyrus-imapd RPMs.  I'll happily script
just such an automated setup (now that it works for me manually!) and
send you a patch against your cyrus-imapd.spec file, if that would be
useful.

One other way to 'alert' people (like me!) to these options could be
to include them, commented out, in the RPM-supplied default imapd.conf
file.

This problem (lack of info on tls_* options in the imapd.conf man
page) seems to have been fixed in the 2.1.3 man page, so only people
like me who are still a little wary of the newness of 2.1.x and
SASLv2, and who prefer RPMs when they can get them, will run into
this...

Thanks again for pointing me in the right direction,

Jonathan



Reply via email to